taxreclaim.personalbanker.ca
52.60.46.197
Public Scan
Submission: On November 10 via automatic, source certstream-urgent — Scanned from CA
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 15th 2021. Valid for: a year.
This is the only time taxreclaim.personalbanker.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN16509 (AMAZON-02, US) | ec2-52-60-46-197.ca-central-1.compute.amazonaws.com | taxreclaim.personalbanker.ca |
ASN13335 (CLOUDFLARENET, US) | | stackpath.bootstrapcdn.com, maxcdn.bootstrapcdn.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
ASN15169 (GOOGLE, US) | lga25s72-in-f2.1e100.net | www.googleadservices.com |
ASN16509 (AMAZON-02, US) | server-13-226-37-84.ewr53.r.cloudfront.net | cdn.funnelytics.io |
ASN16509 (AMAZON-02, US) | ec2-3-97-158-244.ca-central-1.compute.amazonaws.com | track-v2.funnelytics.io |
ASN14618 (AMAZON-AES, US) | ec2-35-174-191-125.compute-1.amazonaws.com | d.adroll.com |
ASN15169 (GOOGLE, US) | 172.178.211.35.bc.googleusercontent.com | x.bidswitch.net |
ASN29990 (ASN-APPNEX, US) | 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net | ib.adnxs.com |
ASN15169 (GOOGLE, US) | 146.60.190.35.bc.googleusercontent.com | idsync.rlcdn.com |
ASN15169 (GOOGLE, US) | 65.254.178.107.bc.googleusercontent.com | pippio.com |
ASN15169 (GOOGLE, US) | lga34s35-in-f2.1e100.net | cm.g.doubleclick.net |
ASN15169 (GOOGLE, US) | 3.67.98.34.bc.googleusercontent.com | tags.rd.linksynergy.com |
ASN15169 (GOOGLE, US) | 8.159.244.35.bc.googleusercontent.com | us-u.openx.net |
Count | Domain | Redirects | Requested by |
---|---|---|---|
14 | taxreclaim.personalbanker.ca | | taxreclaim.personalbanker.ca |
9 | d.adroll.com | 7 redirects | s.adroll.com, taxreclaim.personalbanker.ca |
8 | s.adroll.com | 2 redirects | www.googletagmanager.com, taxreclaim.personalbanker.ca, s.adroll.com, d.adroll.com |
3 | idsync.rlcdn.com | 2 redirects | taxreclaim.personalbanker.ca |
3 | d.clarity.ms | | www.clarity.ms, d.clarity.ms |
3 | track-v2.funnelytics.io | | cdn.funnelytics.io |
3 | www.google.ca | | taxreclaim.personalbanker.ca |
3 | www.gstatic.com | | www.google.com, www.googletagmanager.com, www.gstatic.com |
3 | connect.facebook.net | | taxreclaim.personalbanker.ca, connect.facebook.net |
3 | www.google.com | | taxreclaim.personalbanker.ca |
2 | us-u.openx.net | 1 redirects | taxreclaim.personalbanker.ca |
2 | cm.g.doubleclick.net | 2 redirects | |
2 | pippio.com | 2 redirects | |
2 | ib.adnxs.com | 1 redirects | taxreclaim.personalbanker.ca |
2 | x.bidswitch.net | 1 redirects | taxreclaim.personalbanker.ca |
2 | c.clarity.ms | 1 redirects | taxreclaim.personalbanker.ca |
2 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com |
2 | www.googleadservices.com | 1 redirects | www.googletagmanager.com |
2 | www.facebook.com | | taxreclaim.personalbanker.ca |
2 | www.googletagmanager.com | | taxreclaim.personalbanker.ca |
2 | maxcdn.bootstrapcdn.com | | taxreclaim.personalbanker.ca |
2 | stackpath.bootstrapcdn.com | | taxreclaim.personalbanker.ca, stackpath.bootstrapcdn.com |
2 | fonts.googleapis.com | | taxreclaim.personalbanker.ca |
1 | tags.rd.linksynergy.com | 1 redirects | |
1 | ads.yahoo.com | | taxreclaim.personalbanker.ca |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | c.bing.com | 1 redirects | |
1 | googleads.g.doubleclick.net | | www.googleadservices.com |
1 | www.clarity.ms | | taxreclaim.personalbanker.ca |
1 | cdn.funnelytics.io | | taxreclaim.personalbanker.ca |
1 | fonts.gstatic.com | | fonts.googleapis.com |
1 | cdnjs.cloudflare.com | | taxreclaim.personalbanker.ca |
65 | 32 | | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.personalbanker.ca | Sectigo RSA Domain Validation Secure Server CA | 2021-10-15 - 2022-10-29 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year | crt.sh |
www.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-08-20 - 2021-11-18 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh |
www.googleadservices.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh |
*.funnelytics.io | Amazon | 2021-01-06 - 2022-02-03 | a year | crt.sh |
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-01 - 2022-06-01 | a year | crt.sh |
s.adroll.com | Amazon | 2021-08-02 - 2022-08-31 | a year | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh |
a.clarity.ms | Microsoft RSA TLS CA 01 | 2021-07-27 - 2022-07-27 | a year | crt.sh |
adroll.mgr.consensu.org | Amazon | 2021-09-10 - 2022-10-09 | a year | crt.sh |
*.google.ca | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://taxreclaim.personalbanker.ca/
Frame ID: A25ABD6C7562390083358AD4DB14618C
Requests: 66 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37
- https://s.adroll.com/j/exp/FJ44LOYUDBDOZGATHEMXRV/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://s.adroll.com/j/pre/FJ44LOYUDBDOZGATHEMXRV/3SUNQQKVHBERDEDLDYXDEQ/fpconsent.js HTTP 302
- https://s.adroll.com/j/pre/index.js
- https://www.googleadservices.com/pagead/conversion/432528865/wcm?cc=ZZ&dn=18004651563&cl=JDolCLexj_QBEOG7n84B&ct_eid=2 HTTP 302
- https://www.google.ca/pagead/attribution/wcm?cc=ZZ&dn=18004651563&cl=JDolCLexj_QBEOG7n84B
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5ED23B38442343E797DC6942A25C4580&RedC=c.clarity.ms&MXFR=0F7D8326B0FA6AB315F993CDB4FA6414 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5ED23B38442343E797DC6942A25C4580&MUID=020885522FE56F8D152D95B92E9D6E2F
- https://d.adroll.com/pixel/FJ44LOYUDBDOZGATHEMXRV/3SUNQQKVHBERDEDLDYXDEQ?adroll_fpc=efbe185b465728e0826e65e199480b68-1636564526283&arrfrr=https%3A%2F%2Ftaxreclaim.personalbanker.ca%2F&xid_ch=f&pv=69986646208.9412&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/FJ44LOYUDBDOZGATHEMXRV/3SUNQQKVHBERDEDLDYXDEQ/EH7JYOPY65F5ZKBUI66SKR.js
- https://d.adroll.com/cm/r/out?adroll_fpc=efbe185b465728e0826e65e199480b68-1636564526283&arrfrr=https%3A%2F%2Ftaxreclaim.personalbanker.ca%2F&xid_ch=f&advertisable=FJ44LOYUDBDOZGATHEMXRV HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/b/out?adroll_fpc=efbe185b465728e0826e65e199480b68-1636564526283&arrfrr=https%3A%2F%2Ftaxreclaim.personalbanker.ca%2F&xid_ch=f&advertisable=FJ44LOYUDBDOZGATHEMXRV HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=NmNlNmM2NmE0MmUzZDFhODIwNjQ4YjU5ODBiNDRkMmI HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmNlNmM2NmE0MmUzZDFhODIwNjQ4YjU5ODBiNDRkMmI
- https://d.adroll.com/cm/x/out?adroll_fpc=efbe185b465728e0826e65e199480b68-1636564526283&arrfrr=https%3A%2F%2Ftaxreclaim.personalbanker.ca%2F&xid_ch=f&advertisable=FJ44LOYUDBDOZGATHEMXRV HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=NmNlNmM2NmE0MmUzZDFhODIwNjQ4YjU5ODBiNDRkMmI HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNmNlNmM2NmE0MmUzZDFhODIwNjQ4YjU5ODBiNDRkMmI
- https://d.adroll.com/cm/l/out?adroll_fpc=efbe185b465728e0826e65e199480b68-1636564526283&arrfrr=https%3A%2F%2Ftaxreclaim.personalbanker.ca%2F&xid_ch=f&advertisable=FJ44LOYUDBDOZGATHEMXRV HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=6ce6c66a42e3d1a820648b5980b44d2b HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNmNlNmM2NmE0MmUzZDFhODIwNjQ4YjU5ODBiNDRkMmIQABoNCK78r4wGEgUI6AcQAEIASgA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=41be87c5714594f3a9f05f821dace04c2e144955f1fb5a7c4eda2fda84442875791426b5417dce21&_=2 HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0MWJlODdjNTcxNDU5NGYzYTlmMDVmODIxZGFjZTA0YzJlMTQ0OTU1ZjFmYjVhN2M0ZWRhMmZkYTg0NDQyODc1NzkxNDI2YjU0MTdkY2UyMRAAGgwIr_yvjAYSBAgCEABCAEoA HTTP 302
- https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0MWJlODdjNTcxNDU5NGYzYTlmMDVmODIxZGFjZTA0YzJlMTQ0OTU1ZjFmYjVhN2M0ZWRhMmZkYTg0NDQyODc1NzkxNDI2YjU0MTdkY2UyMRAAGgwIr_yvjAYSBAgCEABCAEoA&google_gid=CAESEC88MANefk1V7nk6JwAKJ5Q&google_cver=1 HTTP 307
- https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
- https://idsync.rlcdn.com/458249.gif?partner_uid=edf26c9e-82b9-40b2-bd62-139cd2037350
- https://d.adroll.com/cm/o/out?adroll_fpc=efbe185b465728e0826e65e199480b68-1636564526283&arrfrr=https%3A%2F%2Ftaxreclaim.personalbanker.ca%2F&xid_ch=f&advertisable=FJ44LOYUDBDOZGATHEMXRV HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=6ce6c66a42e3d1a820648b5980b44d2b HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6ce6c66a42e3d1a820648b5980b44d2b
- https://d.adroll.com/cm/g/out?adroll_fpc=efbe185b465728e0826e65e199480b68-1636564526283&arrfrr=https%3A%2F%2Ftaxreclaim.personalbanker.ca%2F&xid_ch=f&advertisable=FJ44LOYUDBDOZGATHEMXRV&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=bObGakLj0aggZItZgLRNKw HTTP 302
- https://d.adroll.com/cm/g/in
65 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | taxreclaim.personalbanker.ca/ | 147 KB | 17 KB | Document | text/html | Primary Request |
GET | H2 | css | fonts.googleapis.com/ | 1 KB | 913 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 34 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | font-awesome.min.css | stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css | |
GET | H/1.1 | stylesheet.min.css | taxreclaim.personalbanker.ca/css/ | 537 KB | 73 KB | Stylesheet | text/css | |
GET | H/1.1 | responsive.min.css | taxreclaim.personalbanker.ca/css/ | 87 KB | 11 KB | Stylesheet | text/css | |
GET | H/1.1 | custom_css.css | taxreclaim.personalbanker.ca/css/ | 43 KB | 6 KB | Stylesheet | text/css | |
GET | H/1.1 | media-mobile.css | taxreclaim.personalbanker.ca/css/ | 2 KB | 1016 B | Stylesheet | text/css | |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ | 118 KB | 20 KB | Stylesheet | text/css | |
GET | H/1.1 | style.css | taxreclaim.personalbanker.ca/css/ | 9 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | jquery-1.11.1.min.js | taxreclaim.personalbanker.ca/js/ | 94 KB | 33 KB | Script | application/javascript | |
GET | H/1.1 | jquery.form-validator.min.js | taxreclaim.personalbanker.ca/js/ | 29 KB | 10 KB | Script | application/javascript | |
GET | H2 | jquery.mask.min.js | cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/ | 8 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | jquery.min.js | taxreclaim.personalbanker.ca/js/ | 86 KB | 30 KB | Script | application/javascript | |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ | 36 KB | 10 KB | Script | application/javascript | |
GET | H2 | api.js | www.google.com/recaptcha/ | 850 B | 971 B | Script | text/javascript | |
GET | H/1.1 | bootstrap-select.css | taxreclaim.personalbanker.ca/css/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | responsive.css | taxreclaim.personalbanker.ca/css/ | 315 B | 547 B | Stylesheet | text/css | |
GET | H/1.1 | bootstrap-select.js | taxreclaim.personalbanker.ca/js/ | 62 KB | 14 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 90 KB | 36 KB | Script | application/javascript | |
GET | H/1.1 | LOGO-PB.png | taxreclaim.personalbanker.ca/img/ | 205 KB | 205 KB | Image | image/png | |
GET | H/1.1 | custom_js.js | taxreclaim.personalbanker.ca/js/ | 85 B | 483 B | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 98 KB | 26 KB | Script | application/x-javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 144 KB | 53 KB | Script | application/javascript | |
GET | DATA | truncated | / | 266 B | 0 | Image | image/svg+xml | |
GET | H2 | fontawesome-webfont.woff2 | stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | font/woff2 | |
GET | H2 | 1Ptug8zYS_SKggPNyC0ITw.woff2 | fonts.gstatic.com/s/raleway/v22/ | 46 KB | 47 KB | Font | font/woff2 | |
GET | H2 | 677729276046505 | connect.facebook.net/signals/config/ | 39 KB | 10 KB | Script | application/x-javascript | |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ | 345 KB | 135 KB | Script | text/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 406 B | Image | image/gif | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 37 KB | 15 KB | Script | text/javascript | |
GET | H2 | loader.js | www.gstatic.com/wcm/ | 3 KB | 2 KB | Script | text/javascript | |
GET | H2 | track.js | cdn.funnelytics.io/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | 58ygtfy566 | www.clarity.ms/tag/ | 570 B | 947 B | Script | application/x-javascript | |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/ | 47 KB | 16 KB | Script | text/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | call-tracking_7.js | www.gstatic.com/call-tracking/ | 54 KB | 21 KB | Script | text/javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/432528865/ | 2 KB | 2 KB | Script | text/javascript | |
GET | H/1.1 | index.js | s.adroll.com/j/exp/ | 28 B | 762 B | Script | application/javascript | Redirect Chain |
GET | H/1.1 | index.js | s.adroll.com/j/pre/ | 0 | 733 B | Script | application/javascript | Redirect Chain |
GET | H/1.1 | index.js | s.adroll.com/j/pre/FJ44LOYUDBDOZGATHEMXRV/3SUNQQKVHBERDEDLDYXDEQ/ | 0 | 786 B | Script | text/javascript | |
GET | H2 | wcm | www.google.ca/pagead/attribution/ | 80 B | 565 B | XHR | application/json | Redirect Chain |
POST | H2 | sessions | track-v2.funnelytics.io/ | 50 B | 261 B | XHR | application/json | |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 216 B | XHR | text/plain | |
GET | H2 | clarity.js | d.clarity.ms/s/0.6.27/ | 51 KB | 22 KB | Script | application/javascript | |
GET | H2 | c.gif | c.clarity.ms/ | 42 B | 442 B | Image | image/gif | Redirect Chain |
GET | H2 | FJ44LOYUDBDOZGATHEMXRV | d.adroll.com/consent/check/ | 396 B | 864 B | Script | application/javascript | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 451 B | XHR | text/plain | |
GET | H2 | / | www.google.com/pagead/1p-user-list/432528865/ | 42 B | 327 B | Image | image/gif | |
GET | H2 | / | www.google.ca/pagead/1p-user-list/432528865/ | 42 B | 227 B | Image | image/gif | |
GET | H/1.1 | EH7JYOPY65F5ZKBUI66SKR.js | s.adroll.com/pixel/FJ44LOYUDBDOZGATHEMXRV/3SUNQQKVHBERDEDLDYXDEQ/ | 4 KB | 2 KB | Script | text/javascript | Redirect Chain |
POST | H2 | steps | track-v2.funnelytics.io/ | 47 B | 256 B | XHR | application/json | |
GET | H2 | 5a0955b4-9b59-4c2f-8045-62f8a628ad34 | track-v2.funnelytics.io/settings/ | 38 B | 248 B | XHR | application/json | |
GET | H/1.1 | sendrolling.js | s.adroll.com/j/ | 11 KB | 3 KB | Script | text/javascript | |
GET | H2 | 553010104830679 | connect.facebook.net/signals/config/ | 305 KB | 87 KB | Script | application/x-javascript | |
GET | H2 | v1 | ads.yahoo.com/cms/ | 0 | 447 B | Image | text/plain | Redirect Chain |
GET | H/1.1 | sync | x.bidswitch.net/ul_cb/ | 43 B | 510 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | bounce | ib.adnxs.com/ | 43 B | 1 KB | Image | image/gif | Redirect Chain |
GET | H2 | 458249.gif | idsync.rlcdn.com/ | 42 B | 320 B | Image | image/gif | Redirect Chain |
GET | H2 | sd | us-u.openx.net/w/1.0/ | 43 B | 180 B | Image | image/gif | Redirect Chain |
GET | H2 | in | d.adroll.com/cm/g/ | 42 B | 536 B | Image | image/gif | Redirect Chain |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 147 B | Image | image/gif | |
POST | H2 | collect | d.clarity.ms/ | 0 | 102 B | XHR | text/plain | |
POST | H2 | collect | d.clarity.ms/ | 0 | 48 B | XHR | text/plain | |
95 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| jQuery1111046938294747815035 object| $jscomp function| fbq function| _fbq function| gtag object| dataLayer string| currenty_paid_year string| year_drop_down string| year_drop_down_custody number| partner_no function| spouseRelationshipValue function| PartnerEmail function| array_diff function| multiselect_year_method function| do_they_live_radio function| invite_independent_radio function| manageHiddenFields function| dep_living_with_you function| family_medical_both function| family_invite_child_confirm function| child_invite_name function| invite_child_radio function| getAge function| depExtendedfamily function| depchild number| child_number function| add_extend_fields function| add_fields function| delete_extend_fields function| delete_fields function| showpaymensTrustee function| hidepaymensTrustee function| hideTrustee function| showTrustee function| showfinanctialtable function| showChildTable function| hideChildTable function| hidefinanctialtable function| showForeignprop function| hideForeignprop function| recaptchaCallback function| validate function| checkExistMail function| $j object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| _googWcmImpl string| _googWcmAk object| funnelytics function| clarity string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| GoogleAnalyticsObject function| ga function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl object| cookies object| gaplugins object| gaGlobal object| gaData object| recaptcha object| adroll_exp_list object| 
__adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| google_wcc_status string| adroll_seg_eid
38 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
taxreclaim.personalbanker.ca/ | | Name: PHPSESSID Value: 8lop3g6arqjh9abdrieghnpgb4 |
.personalbanker.ca/ | | Name: _fbp Value: fb.1.1636564525911.620193201 |
.personalbanker.ca/ | | Name: _gcl_au Value: 1.1.341785595.1636564526 |
.facebook.com/ | | Name: fr Value: 0wqbFSqMiUA29Qnak..Bhi_4t...1.0.Bhi_4t. |
.personalbanker.ca/ | | Name: _ga Value: GA1.2.1571847434.1636564526 |
.personalbanker.ca/ | | Name: _gid Value: GA1.2.232251118.1636564526 |
.personalbanker.ca/ | | Name: _gat_gtag_UA_148250693_1 Value: 1 |
www.clarity.ms/ | | Name: CLID Value: e9a42cd1ecb34cbdb78563931c0d5061.20211110.20221110 |
.taxreclaim.personalbanker.ca/ | | Name: __adroll_fpc Value: efbe185b465728e0826e65e199480b68-1636564526283 |
.personalbanker.ca/ | | Name: _fs Value: 9febdda6-b53c-45f1-a513-3f166349d3d3 |
.taxreclaim.personalbanker.ca/ | | Name: __ar_v4 Value: %7CFJ44LOYUDBDOZGATHEMXRV%3A20211110%3A1%7C3SUNQQKVHBERDEDLDYXDEQ%3A20211110%3A1%7CEH7JYOPY65F5ZKBUI66SKR%3A20211110%3A1 |
.personalbanker.ca/ | | Name: _clck Value: 1szdyhv\|1\|ewb\|0 |
.openx.net/ | | Name: i Value: 722988e4-f56a-449e-b6c3-75957e2a34dd\|1636564526 |
.bidswitch.net/ | | Name: tuuid Value: 82809b13-ab38-4901-aafd-d517b66d5c15 |
.bidswitch.net/ | | Name: c Value: 1636564526 |
.bidswitch.net/ | | Name: tuuid_lu Value: 1636564526 |
.bing.com/ | | Name: MUID Value: 020885522FE56F8D152D95B92E9D6E2F |
.c.bing.com/ | | Name: MR Value: 0 |
.c.bing.com/ | | Name: SRM_B Value: 020885522FE56F8D152D95B92E9D6E2F |
.doubleclick.net/ | | Name: IDE Value: AHWqTUn0nsatKAEBk4uUx3_-B-EBjMqABptFwAhZrcvJMynrDuwfEuUvUH-9P3T406s |
.adnxs.com/ | | Name: uuid2 Value: 6555467875510442035 |
.personalbanker.ca/ | | Name: _clsk Value: 3fapgb\|1636564526599\|1\|1\|d.clarity.ms/collect |
d.adroll.com/ | | Name: __adroll Value: 6ce6c66a42e3d1a820648b5980b44d2b-g_1636564526-a_1636564526 |
.adroll.com/ | | Name: __adroll_shared Value: 6ce6c66a42e3d1a820648b5980b44d2b-g_1636564526-a_1636564526 |
.adnxs.com/ | | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?df<Lq@!]tbPl@/@8$-^=$UfY<*CbNOw^I@4u].B5/FR>>XBHFsRFAZEQXPn_u[5`Sn?q93`>uy?JZskq1q`1<3*bpRz*qF1`*b_>j-5nn? |
.c.clarity.ms/ | | Name: SM Value: C |
.clarity.ms/ | | Name: MUID Value: 020885522FE56F8D152D95B92E9D6E2F |
.c.clarity.ms/ | | Name: MR Value: 0 |
.c.clarity.ms/ | | Name: ANONCHK Value: 0 |
.yahoo.com/ | | Name: A3 Value: d=AQABBC7-i2ECEEZ6cI4zPRMdbQsYTRerFPMFEgEBAQFPjWGVYQAAAAAA_eMAAA&S=AQAAAijezSqSWDQ9BM9QpwJWOQE |
.rlcdn.com/ | | Name: pxrc Value: CK78r4wGEgUI6AcQABIFCOhHEAA= |
.pippio.com/ | | Name: did Value: SAap84z81I_D3QtK |
.pippio.com/ | | Name: didts Value: 1636564527 |
.pippio.com/ | | Name: nnls Value: |
.pippio.com/ | | Name: pxrc Value: CK/8r4wGEgQIAhAAEgYI7OsBEAA= |
.linksynergy.com/ | | Name: rmuid Value: edf26c9e-82b9-40b2-bd62-139cd2037350 |
.linksynergy.com/ | | Name: icts Value: 2021-11-10T17:15:28Z |
.rlcdn.com/ | | Name: rlas3 Value: E+02ZqN633YFjVqD4YCCOFHlMPQuvhEbVFTXFIgDMIg= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.